Safeguarding confidential data on your IP network is a top priority. This requires a multi-pronged approach including\u00a0protecting\u00a0your network and data as well as equipment that\u00a0is not easy for hackers to access the network via devices. As AV conferencing equipment becomes increasingly network capable, IT Manager Heads need to be assured that these devices are not open to security breaches.\nShure Audio Encryption\nShure has considered the unique security needs of their customers and developed technology to help safeguard content without compromising audio quality. Shure Audio Encryption protects confidential meeting content. The AES-256 encryption algorithm has been adopted as one of the safest forms of network protection by leading financial institutions,\u00a0government bodies and\u00a0health\u00a0care\u00a0services.\nThe AES-256 encryption algorithm utilises a user-configured passphrase on each device, similar to applying a passphrase to the Wi-Fi connections on home router products. Shure devices with mismatching passphrases will result in no audio (silence) at the listening end. Non-Shure devices will not connect to an encrypted Shure device.\nMany Shure conferencing systems and live audio solutions feature Dante-enabled technology. Their customers have recognised the advantages and efficiencies of routing audio over their gigabit existing network infrastructure. Shure offers Dante audio for a variety of applications including sound reinforcement, recording and conferencing. They are found in boardrooms, meeting rooms, courtrooms, interview rooms, worship spaces, and theatrical venues.\nWith Shure Audio Encryption enabled, Dante audio is encrypted prior to being sent over the network to another Dante device which supports Shure Audio Encryption, where it is decrypted and forwarded for IntelliMix\u00ae DSP\u00a0processing or analog conversion.\nAvailability\nShure Audio Encryption is available with Microflex\u00ae Advance\u2122 Array microphones, the IntelliMix\u00ae P300 Audio Conferencing Processor,\u00a0and selected Audio Network Interfaces. The feature can be added to these products already installed in the field through a firmware upgrade.\nAudio Encryption Q&A\nThe popularity of Dante has given rise to questions about cybersecurity vulnerabilities that apply to transmitting audio over an IP network.Q: Is it possible for someone to "wire-tap" Dante audio over the network?A:\u00a0 Yes. The unencrypted IP packets containing Dante audio flows can be captured using freely available packet capture tools, then manipulated and played back with a Dante enabled audio device. Shure Network Audio Encryption inhibits a rogue Dante audio device from playing encrypted audio flows.Q: My Dante gear is never connected to the core network \u2013 it is isolated to the room (an "air gap" security solution).\u00a0Therefore I don't need to worry about Dante audio being tapped, right?A: Maybe. While an air gap solution greatly reduces access to the Dante audio, it still may be possible to connect to the room network on an open Ethernet jack, allowing someone to introduce a "rogue" (unauthorised) Dante endpoint.\u00a0Using the freely available Dante Controller application, the network audio streams can be routed to the rogue device, captured and recorded. With Shure Audio Encryption, even a rogue Dante device located in the meeting room would be unable to listen in on the conversation.Q: It seems relatively easy for unintended audiences to access the Dante audio. This could compromise sensitive discussions in boardrooms.\u00a0Is there anything that can be done with the network infrastructure to protect and secure our audio?A: Yes.\u00a0Several enterprise IT organizations restrict connectivity to their corporate network by MAC address \u2013 this would stop rogue Dante recording devices from joining the network.\u00a0Alternatively, most enterprise-grade network switches can be configured with VLANs \u2013 a technique used to isolate a set of ports on the switch to create a new 'virtual' LAN. With Dante devices isolated on a VLAN, the Dante Controller application cannot discover the devices, and 'rogue' endpoints cannot access the Dante audio flows. Shure Audio Encryption can be enabled in addition to these things to build a multi-layered security solution.Q:\u00a0 With MAC port restrictions, VLANs, and other IT network protections against 'rogue' devices, is it still possible for the Dante audio to reach unintended listeners?A:\u00a0 Yes.\u00a0For example, employees with administration privileges can still use authorised devices to install Dante Controller and packet capture tools to gain access to Dante audio, and possibly compromise sensitive information. With Shure Audio Encryption, even if someone with admin privileges gains access to the Dante audio, they will be restricted from listening without the passphrase. For that reason, it is important to restrict passphrase access to carefully selected individuals.\nShure takes\u00a0security very seriously. Learn more about Shure\u2019s secure conferencing solutions here.\nShure is proudly distributed by Jands in Australia. Get in touch with their friendly Product Support Team \u00a0for more information.\n* MXWANIs will not support Shure Network Audio Encryption. The upgrade for these systems will require new MXW firmware and a hardware upgrade to replace the MXWANI with ANI4OUT or P300 products.